Search This Blog

Royal Thai Navy website hacked with SQL Injection vulnerability

Hackers breached the Royal Thai Navy website(www.navy.mi.th) via SQL injection vulnerability and compromised the database.


Cyber space poses an important role in the national security. A country should also remember to provide security in cyber space.   But the government fails to concentrate on cyber security that lefts most of the government sites vulnerable to hack.

The security breach of Royal Thai Navy website(www.navy.mi.th) is best example for this - the navy of Thailand and part of the Royal Thai Armed Forces.

A hacker with twitter handle @WilyXem has discovered a SQL Injection vulnerability in the Thailand navy website.   He managed to exploit the vulnerability and compromised the target database.

Earlier today, the hacker posted a link to the dump in twitter(sprunge.us/YHHf). The dump contains database details including database name, version, table details.  He also provided a Proof-of-Concept of the SQL injection vulnerability.

The hacker also leaked 3 tables namely membern, personalacc, personalacc1 that contains username and passwords in plain-text format.

It is really sad to know that the passwords are being stored in plain-text format. But it won't take much time for a hacker to crack, even if there is an encryption.  Because they use very weak password. 
Share it:

Breaking News

Database Leaked

hacker news

National Cyber Security

Security Breach

WilyXem